TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

United States Privacy Digest | Notes from the IAPP, Dec. 11, 2020 Related reading: HHS proposes HIPAA Privacy Rule modifications



Greetings from York, Maine!

There has been a flurry of privacy activity this week as the year comes to a close. You can read about this week’s happenings below.

Yesterday, the U.S. Department of Health and Human Services' Office for Civil Rights proposed some major changes to the Health Insurance Portability and Accountability Act Privacy Rule. I haven’t had a chance to go through the entire document yet — it’s 357 pages — but I wanted to touch on some of the highlights, particularly what the proposed changes will mean for patients if enacted.

The revamped rules are partially in response to the COVID-19 pandemic, which the agency said has illuminated some of the issues in the health care system “including the lack of data sharing and access.” 

“Our proposed changes to the HIPAA Privacy Rule will break down barriers that have stood in the way of commonsense care coordination and value-based arrangements for far too long,” HHS Secretary Alex Azar said.

Health care providers would be able to discuss a patient’s condition with family members in an emergency or crisis situation if they felt it would be in the patient’s best interest. This seems particularly important now as family members are often unable to accompany their loved ones to the hospital during the COVID-19 crisis.

Under the proposed rules, individuals would have the right to inspect and obtain copies of their personal health information on the spot. No more waiting for notes from your doctor’s visit to show up in the health portal or covertly trying to sneak a peek at your records while in the hospital. Patients would be able to take notes, take photos or even video of their PHI.

The new rules would also allow individuals to give permission to share their PHI between health care providers and the doctor’s office — and not the patient — must obtain the files.

An interesting note: HHS has recommended eliminating the requirement that health care providers obtain written acknowledgment that an individual received a copy of the provider's privacy policy and then keep it for six years. Instead, the rules give the individual the right to discuss the policy “with a person designated by the covered entity.”

Those are just a few of the proposed changes, but they’ve already received some positive feedback from the American Health Information Management Association. “We are pleased to see the long-awaited release of the Office of Civil Rights’ proposed modification to the HIPAA Privacy Rule that aims to empower patients and enhance care coordination,” AHIMA CEO Wylecia Wiggs Harris wrote in a news release. “In particular, we are pleased the rule proposes strengthening the individual right of access under HIPAA."

It will be interesting to see how this plays out — there’s no question HIPAA needs to catch up with the technological advances of the 21st century.

I know what I'll be doing over the next couple of days — reading the rest of the proposal so you won't have to. 

Have a safe weekend.


If you want to comment on this post, you need to login.